diff options
author | tzlil <tzlils@protonmail.com> | 2023-07-29 03:15:24 +0300 |
---|---|---|
committer | tzlil <tzlils@protonmail.com> | 2023-07-29 03:15:24 +0300 |
commit | 0c96cccb7392b688b192241fb0462e117364ce1f (patch) | |
tree | 845c552cdaa2200cdaf93e207dc995928d77107d /hosts/vps/maloja.nix | |
parent | 489e84e149b4b1b470bd0c88aa8b18a3650db3f5 (diff) |
added maloja
Diffstat (limited to 'hosts/vps/maloja.nix')
-rw-r--r-- | hosts/vps/maloja.nix | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/hosts/vps/maloja.nix b/hosts/vps/maloja.nix new file mode 100644 index 0000000..3d4530d --- /dev/null +++ b/hosts/vps/maloja.nix @@ -0,0 +1,51 @@ +{ + pkgs, + config, + lib, + ... +}: { + config = { + users.groups.maloja = {}; + users.users.maloja = { + isSystemUser = true; + description = "maloja"; + group = "maloja"; + home = "/var/lib/maloja"; + }; + + security.lockKernelModules = lib.mkForce false; + virtualisation.oci-containers.containers.maloja = { + ports = ["42010:42010"]; + image = "krateng/maloja"; + volumes = [ + "/var/lib/maloja:/data" + ]; + environment = { + MALOJA_DATA_DIRECTORY = "/data"; + MALOJA_SKIP_SETUP = "True"; + MALOJA_NAME = "tzlil"; + MAlOJA_PROXY_IMAGES = "True"; + }; + }; + + # systemd.services.podman-maloja.serviceConfig.User = "maloja"; + # systemd.services.podman-maloja.serviceConfig.Group = "maloja"; + + networking.firewall.allowedTCPPorts = [42010]; + + environment.persistence."/nix/persist".directories = [ + { + directory = "/var/lib/maloja"; + user = "maloja"; + group = "maloja"; + } + ]; + + services.caddy = { + virtualHosts."fm.tzlil.net".extraConfig = '' + bind 0.0.0.0 + reverse_proxy :42010 + ''; + }; + }; +} |